mirror of https://github.com/wallabag/wallabag.git synced 2025-08-01 17:38:38 +00:00

Change the way to enable 2FA

And add a step to validate a generated code from the OTP app
Jeremy Benoist 2019-01-18 22:46:44 +01:00
parent 4c0e747940
commit a0c5eb003f
No known key found for this signature in database
GPG key ID: BCA73962457ACC3C
20 changed files with 620 additions and 293 deletions


@ -297,119 +297,6 @@ class ConfigControllerTest extends WallabagCoreTestCase
$this->assertContains('flashes.config.notice.user_updated', $alert[0]);
}
public function testUserEnable2faEmail()
{
$this->logInAs('admin');
$client = $this->getClient();
$crawler = $client->request('GET', '/config');
$this->assertSame(200, $client->getResponse()->getStatusCode());
$form = $crawler->filter('button[id=update_user_save]')->form();
$data = [
'update_user[emailTwoFactor]' => '1',
];
$client->submit($form, $data);
$this->assertSame(302, $client->getResponse()->getStatusCode());
$crawler = $client->followRedirect();
$this->assertGreaterThan(1, $alert = $crawler->filter('body')->extract(['_text']));
$this->assertContains('flashes.config.notice.user_updated', $alert[0]);
// restore user
$em = $this->getEntityManager();
$user = $em
->getRepository('WallabagUserBundle:User')
->findOneByUsername('admin');
$this->assertTrue($user->isEmailTwoFactor());
$user->setEmailTwoFactor(false);
$em->persist($user);
$em->flush();
}
public function testUserEnable2faGoogle()
{
$this->logInAs('admin');
$client = $this->getClient();
$crawler = $client->request('GET', '/config');
$this->assertSame(200, $client->getResponse()->getStatusCode());
$form = $crawler->filter('button[id=update_user_save]')->form();
$data = [
'update_user[googleTwoFactor]' => '1',
];
$client->submit($form, $data);
$this->assertSame(302, $client->getResponse()->getStatusCode());
$crawler = $client->followRedirect();
$this->assertGreaterThan(1, $alert = $crawler->filter('body')->extract(['_text']));
$this->assertContains('flashes.config.notice.user_updated', $alert[0]);
// restore user
$em = $this->getEntityManager();
$user = $em
->getRepository('WallabagUserBundle:User')
->findOneByUsername('admin');
$this->assertTrue($user->isGoogleAuthenticatorEnabled());
$user->setGoogleAuthenticatorSecret(null);
$em->persist($user);
$em->flush();
}
public function testUserEnable2faBoth()
{
$this->logInAs('admin');
$client = $this->getClient();
$crawler = $client->request('GET', '/config');
$this->assertSame(200, $client->getResponse()->getStatusCode());
$form = $crawler->filter('button[id=update_user_save]')->form();
$data = [
'update_user[googleTwoFactor]' => '1',
'update_user[emailTwoFactor]' => '1',
];
$client->submit($form, $data);
$this->assertSame(302, $client->getResponse()->getStatusCode());
$crawler = $client->followRedirect();
$this->assertGreaterThan(1, $alert = $crawler->filter('body')->extract(['_text']));
$this->assertContains('flashes.config.notice.user_updated', $alert[0]);
// restore user
$em = $this->getEntityManager();
$user = $em
->getRepository('WallabagUserBundle:User')
->findOneByUsername('admin');
$this->assertTrue($user->isGoogleAuthenticatorEnabled());
$this->assertFalse($user->isEmailTwoFactor());
$user->setGoogleAuthenticatorSecret(null);
$em->persist($user);
$em->flush();
}
public function testRssUpdateResetToken()
{
$this->logInAs('admin');
@ -1113,4 +1000,85 @@ class ConfigControllerTest extends WallabagCoreTestCase
$this->assertNotSame('yuyuyuyu', $client->getRequest()->getLocale());
$this->assertNotSame('yuyuyuyu', $client->getContainer()->get('session')->get('_locale'));
}
public function testUserEnable2faEmail()
{
$this->logInAs('admin');
$client = $this->getClient();
$crawler = $client->request('GET', '/config/otp/email');
$this->assertSame(302, $client->getResponse()->getStatusCode());
$crawler = $client->followRedirect();
$this->assertGreaterThan(1, $alert = $crawler->filter('body')->extract(['_text']));
$this->assertContains('flashes.config.notice.otp_enabled', $alert[0]);
// restore user
$em = $this->getEntityManager();
$user = $em
->getRepository('WallabagUserBundle:User')
->findOneByUsername('admin');
$this->assertTrue($user->isEmailTwoFactor());
$user->setEmailTwoFactor(false);
$em->persist($user);
$em->flush();
}
public function testUserEnable2faGoogle()
{
$this->logInAs('admin');
$client = $this->getClient();
$crawler = $client->request('GET', '/config/otp/app');
$this->assertSame(200, $client->getResponse()->getStatusCode());
// restore user
$em = $this->getEntityManager();
$user = $em
->getRepository('WallabagUserBundle:User')
->findOneByUsername('admin');
$this->assertTrue($user->isGoogleTwoFactor());
$this->assertGreaterThan(0, $user->getBackupCodes());
$user->setGoogleAuthenticatorSecret(false);
$user->setBackupCodes(null);
$em->persist($user);
$em->flush();
}
public function testUserEnable2faGoogleCancel()
{
$this->logInAs('admin');
$client = $this->getClient();
$crawler = $client->request('GET', '/config/otp/app');
$this->assertSame(200, $client->getResponse()->getStatusCode());
// restore user
$em = $this->getEntityManager();
$user = $em
->getRepository('WallabagUserBundle:User')
->findOneByUsername('admin');
$this->assertTrue($user->isGoogleTwoFactor());
$this->assertGreaterThan(0, $user->getBackupCodes());
$crawler = $client->request('GET', '/config/otp/app/cancel');
$this->assertSame(302, $client->getResponse()->getStatusCode());
$user = $em
->getRepository('WallabagUserBundle:User')
->findOneByUsername('admin');
$this->assertFalse($user->isGoogleTwoFactor());
$this->assertEmpty($user->getBackupCodes());
}
}
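Review bot: `$this->assertGreaterThan(0, $user->getBackupCodes());` in testUserEnable2faGoogle and testUserEnable2faGoogleCancel compares the return value itself with 0, and if getBackupCodes() returns an array PHP orders any array above an integer, so the check would pass for an empty list too; `$this->assertNotEmpty($user->getBackupCodes());` states the intent. Both tests also show isGoogleTwoFactor() already true after a plain GET of /config/otp/app, and nothing in this hunk exercises the code-validation step the commit message describes, so a test that submits a wrong code and asserts the second factor does not stay enabled would cover the security-relevant path. The tests further pin that GET /config/otp/email and GET /config/otp/app/cancel change the account's 2FA state; the controller is not visible here, but if those routes take no CSRF token, moving them to POST with a token is worth considering. In the restore step of testUserEnable2faGoogle, `setGoogleAuthenticatorSecret(false)` differs from the `null` the removed tests passed, and `null` looks like the intended value.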